четверг, 19 марта 2009 г.

Concept preview of Webspider express security scanner (pure AJAX :) has been recently published – this is a tool that allows analyzing in seconds the software which is the most frequently used by attackers. The system is intended to make protection express analysis of Internet and Intranet users, users of electronic commerce systems and Internet provider clients.

The current version is able to detect a vulnerability in popular ActiveX components and plug-ins, Mozilla Firefox and Opera browsers, Java and Adobe Flash applications and also MS07-042, MS08-069 and MS09-002 updates.We plan to publish a detailed article about the used techniques in April.

вторник, 10 марта 2009 г.

In 2006, because of a number of reasons, we decided to shift the burden of publishing vulnerability details to software vendors and stop publishing the details about previously detected problems. However, many customers ask us to assist in vulnerability elimination in third-party vendor software. This induces us to resume the process.The most interesting current problem (in my opinion) is a number of vulnerabilities in VMWare that allows attackers to gain access from guest to host OS. And right to the kernel.